Please check my log

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

warcraftan
Master Level 7
Posts: 4912
Registered: 27 Sep 2008 12:49
Location: Ostrava

Re: Please check my log

Post by warcraftan »

I can't get FRST to run either :smile: :roll: I don't know anymore, I must be jinxed, cursed
er.jpg
Otherwise, of course, I tried turning off everything that might be blocking it, and safe mode too, and when I got to the menu, neither my mouse nor my keyboard worked :lol:
76c139cd-36e0-4b2c-8a1e-b3598821c518.jpg
so at this point I'm just laughing about it; never mind though, we went through the computer thoroughly from top to bottom anyway :inlove:
thank you, Jaro :clap:
finally I'm posting the HJT log and then the check mark

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:45:31, on 06.11.2025
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.26100.1882)


Boot mode: Normal

Running processes:
C:\Users\petrh\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Users\petrh\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O4 - HKLM\..\Run: [Discord] C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall
O4 - HKLM\..\Run: [Glorious Core] C:\Program Files (x86)\Glorious CORE\Glorious Core.exe --hide
O4 - HKCU\..\Run: [OneDrive] "C:\Users\petrh\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [AMDNoiseSuppression] "C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe"
O4 - HKCU\..\Run: [f.lux] "C:\Users\petrh\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Discord] "C:\Users\petrh\AppData\Local\Discord\Update.exe" --processStart Discord.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [com.electron] C:\Program Files (x86)\Glorious Core\Glorious Core.exe
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_017EB225EE6215ADA3CBFA7E3ECF91FC] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE/3000
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD Crash Defender Service - Advanced Micro Devices, Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atiesrxx.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_5217b - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\GameInputSvc.exe,-101 (GameInputSvc) - Unknown owner - C:\WINDOWS\System32\GameInputSvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\141.0.7390.125\elevation_service.exe
O23 - Service: Intern aktualiza n slu ba Google (GoogleUpdaterInternalService143.0.7482.0) (GoogleUpdaterInternalService143.0.7482.0) - Google LLC - C:\Program Files (x86)\Google\GoogleUpdater\143.0.7482.0\updater.exe
O23 - Service: Aktualiza n slu ba Google (GoogleUpdaterService143.0.7482.0) (GoogleUpdaterService143.0.7482.0) - Google LLC - C:\Program Files (x86)\Google\GoogleUpdater\143.0.7482.0\updater.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\localkdcsvc.dll,-1 (LocalKdc) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\midisrv.exe,-101 (midisrv) - Unknown owner - C:\WINDOWS\system32\midisrv.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_Case_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
O23 - Service: MSI Center Service (MSI_Center_Service) - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ReFsDedupSvc.exe,-100 (refsdedupsvc) - Unknown owner - C:\WINDOWS\System32\ReFsDedupSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @oem21.inf,%RTUsbSwSrvc.DeviceDesc.DispName%;RTUsbSwSrvc (RTUsbSwSrvc) - Realtek Semiconductor Corp. - C:\WINDOWS\RTUWPSrvcMain.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTrap) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\steamservice.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: Wifi AutoInstall Service (WifiAutoInstallSrv) - Realtek - C:\Program Files\TP-Link\Archer TX20U\WifiAutoInstall\WifiAutoInstallSrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9690 bytes
"You don't need to say sorry, it's poker" Antonio Esfandiari
"Poker actually isn't about winning or losing, poker is about making a right decision" Doyle Brunson
jaro3
Security team member
Posts: 43377
Registered: 16 Jun 2007 18:58
Location: South Bohemia

Re: Please check my log

Post by jaro3 »

Turn off all protections, the firewall and Microsoft Defender too. Also Malwarebytes and RogueKiller. Download FRST again and it should work. It's strange.
When working with HJT, ComboFix, MbAM, SDFix and similar tools, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
warcraftan
Master Level 7
Posts: 4912
Registered: 27 Sep 2008 12:49
Location: Ostrava

Re: Please check my log

Post by warcraftan »

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-11-2025
Ran by petrh (administrator) on 7EVEN (Micro-Star International Co., Ltd MS-7A34) (09-11-2025 19:13:34)
Running from C:\Users\petrh\Desktop\FRST64.exe
Loaded Profiles: petrh
Platform: Microsoft Windows 11 Home Version 24H2 26100.6899 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.61.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Users\petrh\AppData\Roaming\uTorrent\uninstall.exe ->) (Zdenek Svub -> BitTorrent, Inc.) C:\Users\petrh\AppData\Roaming\uTorrent\utorrent.exe
(cmd.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Discord Inc. -> Discord Inc.) C:\Users\petrh\AppData\Local\Discord\app-1.0.9213\Discord.exe <6>
(DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atieclxx.exe
(explorer.exe ->) (AB Team d. o. o. -> AB Team) C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\petrh\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Glorious, LLC) [File not signed] C:\Program Files (x86)\Glorious Core\Glorious Core.exe <4>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(explorer.exe ->) (Zdenek Svub -> Zdenek Svub) C:\Users\petrh\AppData\Roaming\uTorrent\uninstall.exe
(Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2025.11100.9001.0_x64__8wekyb3d8bbwe\Photos.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\petrh\AppData\Local\Microsoft\OneDrive\25.199.1012.0002_1\OneDrive.Sync.Service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atiesrxx.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MsMpEng.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RTUWPSrvcMain.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Program Files\TP-Link\Archer TX20U\WifiAutoInstall\WifiAutoInstallSrv.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (50BDFD77-8903-4850-9FFE-6E8522F64D5B -> OpenAI) C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2025.258.0_x64__2p2nqsd0c76g0\app\ChatGPT.exe <5>
(svchost.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SecHealthUI_1000.29429.1000.0_x64__8wekyb3d8bbwe\SecHealthUI.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.165.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\petrh\AppData\Local\Microsoft\OneDrive\25.199.1012.0002_1\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealth\10.0.29429.1000-0\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [115848568 2025-04-27] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [Glorious Core] => C:\Program Files (x86)\Glorious CORE\Glorious Core.exe [163392512 2025-02-04] (Glorious, LLC) [File not signed]
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\142.0.3595.69\Installer\setup.exe [7659088 2025-11-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1179330921-843418109-1189897237-1001\...\Run: [AMDNoiseSuppression] => "C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKU\S-1-5-21-1179330921-843418109-1189897237-1001\...\Run: [f.lux] => C:\Users\petrh\AppData\Local\FluxSoftware\Flux\flux.exe [1535600 2025-03-14] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-1179330921-843418109-1189897237-1001\...\Run: [Discord] => C:\Users\petrh\AppData\Local\Discord\Update.exe [1516408 2025-04-22] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1179330921-843418109-1189897237-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4699288 2025-10-03] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1179330921-843418109-1189897237-1001\...\Run: [com.electron] => C:\Program Files (x86)\Glorious Core\Glorious Core.exe [163392512 2025-02-04] (Glorious, LLC) [File not signed]
HKU\S-1-5-21-1179330921-843418109-1189897237-1001\...\Run: [MicrosoftEdgeAutoLaunch_017EB225EE6215ADA3CBFA7E3ECF91FC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4253224 2025-10-30] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1179330921-843418109-1189897237-1001\...\MountPoints2: {1574e719-8687-11f0-beac-309c2346cd41} - "E:\SetupInstall.exe"
HKU\S-1-5-21-1179330921-843418109-1189897237-1001\...\MountPoints2: {5ce3c62b-8196-11f0-beaa-309c2346cd41} - "E:\SetupInstall.exe"
HKU\S-1-5-21-1179330921-843418109-1189897237-1001\...\MountPoints2: {c996df50-a2c6-11f0-beb0-309c2346cd41} - "E:\SetupInstall.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-11-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\141.0.7390.125\Installer\chrmstp.exe [2025-11-02] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {B30F3738-2845-4921-856E-90D85A4D8969} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {07DD899E-7A71-4B2A-9C12-182D450A121C} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [184024 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {23544F8E-F432-498C-950D-6AD8EA5F7B35} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem143.0.7482.0{F61D72D2-18E3-41BC-BAB8-5FE53C9D04A1} => C:\Program Files (x86)\Google\GoogleUpdater\143.0.7482.0\updater.exe [6933656 2025-10-19] (Google LLC -> Google LLC)
Task: {DA492F15-AE78-4024-B4D6-AF5046AE43D7} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16961872 2025-11-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {F1548B10-2F60-4445-8BD4-C3613F725105} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29173088 2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C08135F-15E1-42F9-B634-3AF713E48341} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [70488 2025-11-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {936DC895-C5E3-434A-9AE7-8EBB44D55602} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29173088 2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B08D6E4-BF3E-4D7B-9320-C2CCA6A571EC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [316736 2025-11-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4BDB3EB-4BC9-495D-81C1-AF710E7942F6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [316736 2025-11-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DF97BB0-5D2C-4E5D-BC1B-D57F715B65A8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1365280 2025-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {DAB1A2D9-A354-4EFF-8AEE-C25C5FE32334} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpCmdRun.exe [1790640 2025-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {68DAAB6B-8E38-4528-BA1B-88FBC3324539} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpCmdRun.exe [1790640 2025-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0B26B300-F6C1-4E1A-A810-34EEF2CB4F38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpCmdRun.exe [1790640 2025-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3D598B51-6790-416E-9433-DD7128E4FA75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpCmdRun.exe [1790640 2025-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B00BFF8A-5B47-4E26-832E-A9CE5F770775} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {6C93CBFE-0000-4688-8C76-58F4FE8D0B66} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1179330921-843418109-1189897237-1001 => C:\Users\petrh\AppData\Local\Microsoft\OneDrive\25.199.1012.0002_1\OneDriveLauncher.exe [727440 2025-11-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {2F8811EE-360C-4CFC-AABA-C275E365D737} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60632 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {454E0713-2465-4148-B1C9-34146E98ECFC} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324312 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{536403c7-c176-412c-b593-5121884d5864}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f950f24d-8928-4ff5-baec-aee49ab27e41}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{f950f24d-8928-4ff5-baec-aee49ab27e41}: [DhcpDomain] home

Edge:
=======
Edge Profile: C:\Users\petrh\AppData\Local\Microsoft\Edge\User Data\Default [2025-11-09]
Edge Extension: (Dokumenty Google offline) - C:\Users\petrh\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-05]
Edge Extension: (Edge relevant text changes) - C:\Users\petrh\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-11-05]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-11-01] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\petrh\AppData\Local\Google\Chrome\User Data\Default [2025-11-09]
CHR Notifications: Default -> hxxps://csfloat.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.cz/","hxxp://www.facebook.co ... utube.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (BetterTTV) - C:\Users\petrh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2025-11-06]
CHR Extension: (Slate) - C:\Users\petrh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmhmcmgkegfffbbfobhjpdbimgmoohap [2025-11-06]
CHR Extension: (FrankerFaceZ) - C:\Users\petrh\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2025-11-06]
CHR Extension: (Return YouTube Dislike) - C:\Users\petrh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2025-11-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\petrh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-05]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\petrh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-11-06]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\petrh\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2025-11-06]
CHR Extension: (Sygic Truck Route Sender) - C:\Users\petrh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbmaohenoelmngbbkjlfjboppojeckbm [2025-11-06]
CHR Extension: (Rozšíření Google Keep pro Chrome) - C:\Users\petrh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2025-11-06]
CHR Extension: (Repeek (formerly FACEIT Enhancer)) - C:\Users\petrh\AppData\Local\Google\Chrome\User Data\Default\Extensions\mokknliiomknodkdmpcellamkopbdmao [2025-11-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\petrh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-11-05]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13366704 2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpDefenderCoreService.exe [2026144 2025-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [134160 2025-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [181776 2025-04-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 RTUsbSwSrvc; C:\WINDOWS\RTUWPSrvcMain.exe [1026160 2024-10-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\NisSrv.exe [4418608 2025-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WifiAutoInstallSrv; C:\Program Files\TP-Link\Archer TX20U\WifiAutoInstall\WifiAutoInstallSrv.exe [139672 2024-10-09] (Realtek Semiconductor Corp. -> Realtek)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MsMpEng.exe [282440 2025-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrmgr.sys [25672 2024-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33592 2024-09-12] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R2 AMDRyzenMasterDriverV20; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [48328 2024-08-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_960126269e89c62e\amdsafd.sys [113880 2024-05-10] (Advanced Micro Devices -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\amdkmdag.sys [106596128 2024-09-04] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2025-11-05] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2025-04-26] (Microsoft Corporation) [File not signed]
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [333216 2025-10-06] (Microsoft Windows -> Microsoft Corporation)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32592 2024-09-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_feec7a9662e785f0\rtcx21x64.sys [539648 2024-03-28] (Microsoft Windows -> Realtek)
R3 rtwlanu6; C:\WINDOWS\System32\drivers\rtwlanu6.sys [16427520 2024-10-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [48800 2022-02-23] (SteelSeries ApS -> SteelSeries ApS)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20888 2025-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [629128 2025-10-22] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102832 2025-10-22] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-11-09 19:13 - 2025-11-09 19:14 - 000022799 _____ C:\Users\petrh\Desktop\FRST.txt
2025-11-09 19:07 - 2025-11-09 18:44 - 002443776 _____ (Farbar) C:\Users\petrh\Desktop\FRST64.exe
2025-11-09 18:59 - 2025-11-09 19:13 - 000000000 ____D C:\FRST
2025-11-09 16:53 - 2025-11-09 16:53 - 000677108 _____ C:\WINDOWS\system32\perfh005.dat
2025-11-09 16:53 - 2025-11-09 16:53 - 000144960 _____ C:\WINDOWS\system32\perfc005.dat
2025-11-07 23:54 - 2025-11-09 18:49 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-11-07 17:07 - 2025-11-07 17:07 - 000000000 ____D C:\Users\petrh\AppData\Local\Blizzard
2025-11-07 17:05 - 2025-11-07 17:05 - 000000000 ____D C:\ProgramData\Battle.net
2025-11-07 17:04 - 2025-11-07 17:11 - 000000000 ____D C:\Users\petrh\Documents\Warcraft III
2025-11-07 17:04 - 2025-11-07 17:05 - 000000000 ____D C:\Users\petrh\AppData\Local\Blizzard Entertainment
2025-11-07 17:04 - 2025-11-07 17:04 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2025-11-07 16:46 - 2025-11-07 17:02 - 000000000 ____D C:\Users\petrh\Desktop\Mordhau
2025-11-07 16:45 - 2025-11-07 16:45 - 000000000 ____D C:\Users\petrh\Desktop\Warcraft 3 WC3_1.30.1-win-enUS - Without CD Key Full Game
2025-11-07 16:45 - 2025-11-07 16:45 - 000000000 ____D C:\Users\petrh\Desktop\revolt
2025-11-07 16:45 - 2025-11-07 16:45 - 000000000 ____D C:\Users\petrh\Desktop\Quake III Arena
2025-11-07 16:25 - 2025-11-07 16:25 - 000000838 _____ C:\Users\petrh\Desktop\lan.download
2025-11-06 10:39 - 2025-11-06 10:39 - 000000000 ____D C:\Users\petrh\Documents\Zvukové záznamy
2025-11-06 10:33 - 2025-11-06 10:33 - 000000000 ____D C:\Users\petrh\AppData\Local\ProcessLasso
2025-11-05 14:11 - 2025-11-05 14:22 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2025-11-05 14:04 - 2025-11-05 14:22 - 000000000 ____D C:\Users\petrh\AppData\Local\AMSDK
2025-11-05 13:54 - 2025-11-09 16:50 - 000000000 ____D C:\Users\petrh\AppData\Roaming\discord
2025-11-05 13:53 - 2025-11-06 10:42 - 000000000 ____D C:\Users\petrh\AppData\Local\VirtualStore
2025-11-05 13:50 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2025-11-05 13:05 - 2025-11-05 13:05 - 000000691 _____ C:\Users\petrh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\zoek (1).lnk
2025-11-05 13:04 - 2025-11-06 10:07 - 000000000 ____D C:\WINDOWS\RTUWPSrvcMain
2025-11-05 13:00 - 2025-11-07 17:48 - 000000000 ____D C:\Users\petrh\AppData\Local\CrashDumps
2025-11-05 13:00 - 2025-11-05 13:45 - 000000000 ____D C:\zoek_backup
2025-11-05 12:19 - 2025-11-05 12:19 - 000001188 _____ C:\Users\petrh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JRT.lnk
2025-11-04 10:21 - 2025-11-04 10:21 - 000001187 _____ C:\Users\petrh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adlice Protect.lnk
2025-11-04 10:20 - 2025-11-04 10:20 - 051983448 _____ (Adlice Software ) C:\Users\petrh\Desktop\RogueKiller_setup.exe
2025-11-04 10:15 - 2025-11-04 10:15 - 000000719 _____ C:\Users\petrh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SetupInstall.lnk
2025-11-03 14:52 - 2025-11-03 14:52 - 000000000 ____D C:\ProgramData\Sophos
2025-11-03 08:04 - 2025-11-03 08:04 - 000000000 ____D C:\ProgramData\Whesvc
2025-11-03 07:46 - 2025-11-03 14:49 - 000000000 ____D C:\AdwCleaner
2025-11-02 19:37 - 2025-11-03 07:41 - 000001062 _____ C:\Users\petrh\Desktop\Temp File Cleaner.lnk
2025-11-02 19:37 - 2025-11-02 19:37 - 000000911 _____ C:\Users\petrh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Temp File Cleaner.lnk
2025-11-02 19:37 - 2025-11-02 19:37 - 000000000 ____D C:\Users\petrh\AppData\Roaming\addpcs
2025-11-02 19:37 - 2025-11-02 19:37 - 000000000 ____D C:\Program Files\Temp File Cleaner
2025-11-02 16:14 - 2025-11-02 16:14 - 000000000 ____D C:\Users\petrh\Desktop\vibranceGUI
2025-11-02 16:14 - 2025-11-02 16:14 - 000000000 ____D C:\Users\petrh\AppData\Roaming\vibranceGUI
2025-11-02 12:54 - 2025-11-02 12:54 - 000000000 _____ C:\Users\petrh\Desktop\prikazy.txt
2025-11-02 11:24 - 2025-11-02 11:24 - 000000000 ____D C:\Users\petrh\AppData\Local\ATI
2025-11-02 10:16 - 2025-11-02 10:16 - 000003230 _____ C:\Users\petrh\Desktop\autoexec.cfg
2025-11-02 09:32 - 2025-11-02 09:32 - 000006796 _____ C:\Users\petrh\Desktop\config.zip
2025-11-02 09:22 - 2025-11-02 09:22 - 000388608 _____ (Trend Micro Inc.) C:\Users\petrh\Desktop\HijackThis.exe
2025-11-02 09:22 - 2018-12-10 19:29 - 000794624 _____ (juvlarN) C:\Users\petrh\Desktop\vibranceGUI.exe
2025-11-02 09:21 - 2025-11-02 09:21 - 000236983 _____ C:\Users\petrh\Desktop\vibranceGUI.zip
2025-11-02 08:25 - 2025-11-02 08:25 - 000000623 _____ C:\Users\petrh\Desktop\cleartemp.bat
2025-11-02 08:16 - 2025-11-02 08:17 - 000000000 ____D C:\Users\petrh\AppData\Roaming\ProcessLasso
2025-11-02 08:16 - 2025-11-02 08:16 - 002638408 _____ (Bitsum LLC) C:\Users\petrh\Desktop\processlassosetup64.exe
2025-11-01 21:53 - 2025-11-01 21:53 - 000001172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scorpion's WinCheater 2.lnk
2025-11-01 21:53 - 2025-11-01 21:53 - 000001160 _____ C:\Users\petrh\Desktop\Scorpion's WinCheater 2.lnk
2025-11-01 21:52 - 2025-11-01 22:04 - 000000000 ____D C:\Program Files (x86)\Scorpions WinCheater
2025-11-01 18:43 - 2025-11-01 18:43 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-10-18 15:12 - 2025-10-18 15:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleUserPEH
2025-10-17 13:59 - 2025-10-17 13:59 - 000000000 _____ C:\Users\petrh\Desktop\Nový Textový dokument (4).txt
2025-10-15 16:57 - 2025-10-15 16:57 - 000035125 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-10-15 16:57 - 2025-10-15 16:57 - 000035125 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-10-11 20:01 - 2025-10-31 14:45 - 000000000 ____D C:\Users\petrh\Desktop\urad prace dokumenty
2025-10-10 18:53 - 2025-10-10 18:53 - 000000000 _____ C:\Users\petrh\Desktop\Nový Textový dokument (3).txt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-11-09 19:14 - 2025-04-26 18:23 - 000000000 ____D C:\Users\petrh\AppData\Roaming\uTorrent
2025-11-09 19:09 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-11-09 19:02 - 2025-05-17 15:38 - 000000000 ____D C:\Program Files (x86)\Steam
2025-11-09 18:49 - 2025-04-27 06:48 - 000000000 ____D C:\Users\petrh\AppData\Local\Discord
2025-11-09 18:49 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-11-09 18:12 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-11-09 18:12 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-11-09 17:56 - 2025-04-28 12:20 - 000000000 ____D C:\Users\petrh\AppData\Roaming\vlc
2025-11-09 16:53 - 2025-04-26 17:31 - 001603790 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-11-09 16:53 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-11-09 16:50 - 2025-07-19 17:41 - 000003098 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2025-11-09 16:49 - 2025-04-30 13:09 - 000000000 ____D C:\Users\petrh\AppData\Roaming\Glorious Core
2025-11-09 16:49 - 2025-04-26 17:38 - 000000000 ___RD C:\Users\petrh\OneDrive
2025-11-09 16:49 - 2025-04-26 17:26 - 000008760 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-11-09 16:49 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-11-09 16:48 - 2025-04-26 17:25 - 000012288 ___SH C:\DumpStack.log.tmp
2025-11-09 16:48 - 2025-04-26 17:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-11-09 01:17 - 2025-04-26 17:41 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2025-11-09 01:17 - 2024-04-01 08:21 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2025-11-09 00:33 - 2025-06-03 09:45 - 000000000 ____D C:\Program Files\Microsoft Office
2025-11-08 13:30 - 2025-04-26 17:38 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1179330921-843418109-1189897237-1001
2025-11-08 13:30 - 2025-04-26 17:38 - 000003574 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1179330921-843418109-1189897237-1001
2025-11-08 13:30 - 2025-04-26 17:38 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1179330921-843418109-1189897237-1001
2025-11-08 13:30 - 2025-04-26 17:38 - 000002379 _____ C:\Users\petrh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-11-08 11:05 - 2025-04-26 17:42 - 000000000 ____D C:\Users\petrh\AppData\Local\AMD_Common
2025-11-08 10:46 - 2025-04-26 17:36 - 000000000 ____D C:\Users\petrh\AppData\Local\Packages
2025-11-08 10:46 - 2025-04-26 17:28 - 000000000 ____D C:\ProgramData\Packages
2025-11-06 11:41 - 2025-04-26 17:34 - 000000000 ____D C:\Users\petrh
2025-11-06 11:36 - 2025-04-26 17:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-11-06 11:15 - 2025-04-26 17:41 - 000000000 ____D C:\Users\petrh\AppData\Local\AMD
2025-11-06 10:31 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-11-05 13:54 - 2025-04-27 06:49 - 000002243 _____ C:\Users\petrh\Desktop\Discord.lnk
2025-11-03 09:59 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-11-03 09:59 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-11-03 09:59 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2025-11-03 09:59 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2025-11-03 09:59 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2025-11-03 09:59 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2025-11-03 09:59 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\system32\winrm
2025-11-03 09:59 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\system32\WCN
2025-11-03 09:59 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\system32\slmgr
2025-11-03 09:59 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2025-11-03 09:59 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-11-03 09:59 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-11-03 09:59 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-11-03 09:59 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-11-03 09:59 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files (x86)\Windows Defender
2025-11-03 09:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-11-03 09:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-11-03 09:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-11-03 09:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-11-03 09:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-11-03 09:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-11-03 09:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-11-03 09:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-11-03 09:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\IME
2025-11-03 09:59 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-11-03 09:59 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-11-03 07:57 - 2025-04-26 19:11 - 000002009 _____ C:\Users\petrh\Desktop\CrystalDiskInfo.lnk
2025-11-03 07:57 - 2025-04-26 19:11 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2025-11-03 07:53 - 2025-08-10 19:45 - 000000000 ____D C:\Program Files (x86)\Fortuna Poker
2025-11-02 12:40 - 2025-04-26 17:38 - 000000000 ____D C:\Users\petrh\AppData\Local\PlaceholderTileLogoFolder
2025-11-02 06:57 - 2025-04-26 17:50 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-11-02 06:57 - 2025-04-26 17:50 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-11-02 06:51 - 2025-04-26 17:26 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-11-02 06:51 - 2025-04-26 17:26 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-11-02 06:45 - 2025-04-26 17:26 - 000003714 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{B23EAE19-935F-403A-ACC2-C42A46E576B4}
2025-11-02 06:45 - 2025-04-26 17:26 - 000003588 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{9F7E5272-A924-402C-A652-B85FFCFACBEB}
2025-10-30 10:48 - 2025-04-26 17:36 - 000000000 ____D C:\Users\petrh\AppData\Local\D3DSCache
2025-10-28 03:51 - 2025-04-26 17:34 - 000000000 ___SD C:\Users\petrh\AppData\Roaming\Microsoft\Protect
2025-10-22 07:58 - 2025-04-26 17:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-10-20 23:31 - 2025-04-26 18:27 - 000002156 _____ C:\Users\petrh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2025-10-19 12:19 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-10-17 07:20 - 2025-04-27 14:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-10-17 07:18 - 2025-04-27 14:28 - 214534944 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-10-16 00:42 - 2025-05-17 15:39 - 000000000 ____D C:\Users\petrh\AppData\Local\Steam
2025-10-15 19:11 - 2025-04-26 17:25 - 000332944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-10-15 19:10 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-10-15 19:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-10-15 19:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-10-15 19:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-10-15 19:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-10-15 19:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-10-15 19:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-10-15 19:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-10-15 19:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-10-15 19:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-10-15 19:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-10-15 19:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-10-15 19:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-10-15 19:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2025-10-15 19:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-10-15 19:10 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-10-15 16:57 - 2025-04-26 17:29 - 003276800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-10-11 20:00 - 2025-06-03 09:22 - 000000000 ____D C:\Users\petrh\AppData\Roaming\Microsoft\Word

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
"You don't need to say sorry, it's poker" Antonio Esfandiari
"Poker actually isn't about winning or losing, poker is about making a right decision" Doyle Brunson
warcraftan
Master Level 7
Posts: 4912
Registered: 27 Sep 2008 12:49
Location: Ostrava

Re: Please check my log

Post by warcraftan »

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-11-2025
Ran by petrh (09-11-2025 19:15:08)
Running from C:\Users\petrh\Desktop
Microsoft Windows 11 Home Version 24H2 26100.6899 (X64) (2025-04-26 16:28:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1179330921-843418109-1189897237-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1179330921-843418109-1189897237-503 - Limited - Disabled)
Guest (S-1-5-21-1179330921-843418109-1189897237-501 - Limited - Disabled)
petrh (S-1-5-21-1179330921-843418109-1189897237-1001 - Administrator - Enabled) => C:\Users\petrh
WDAGUtilityAccount (S-1-5-21-1179330921-843418109-1189897237-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.133 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.10.22.027 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.30.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.14.2.3330 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.9.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{8d13ff58-77bd-4c18-a602-acd72ef0a328}) (Version: 6.10.22.027 - Advanced Micro Devices, Inc.) Hidden
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.78.1094 - AB Team, d.o.o.)
CrystalDiskInfo 9.6.3 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.6.3 - Crystal Dew World)
Discord (HKU\S-1-5-21-1179330921-843418109-1189897237-1001\...\Discord) (Version: 1.0.9189 - Discord Inc.)
f.lux (HKU\S-1-5-21-1179330921-843418109-1189897237-1001\...\Flux) (Version: 4.140 - f.lux Software LLC)
Glorious CORE (HKLM-x32\...\{A717F79A-3E09-4441-B378-86CE25CD64C3}_is1) (Version: - Glorious, LLC)
Glorious Core (HKLM-x32\...\{A717F79A-3E09-4441-B378-86CE25CD64C3}}_is1) (Version: - Glorious, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 141.0.7390.125 - Google LLC)
HD Tune Pro version 6.10 (HKLM\...\{51DCD78D-1075-4207-A6A5-74D87AFF9D86}_is1) (Version: 6.10 - EFD Software)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 142.0.3595.53 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 142.0.3595.69 - Microsoft Corporation) Hidden
Microsoft Excel 2024 - cs-cz (HKLM\...\Excel2024Retail - cs-cz) (Version: 16.0.19328.20178 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1179330921-843418109-1189897237-1001\...\OneDriveSetup.exe) (Version: 25.199.1012.0002 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Word 2024 - cs-cz (HKLM\...\Word2024Retail - cs-cz) (Version: 16.0.19328.20178 - Microsoft Corporation)
MPC-HC 1.7.9 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.9 - MPC-HC Team)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2025.0421.01 - MSI)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19328.20106 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20208 - Microsoft Corporation) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.3.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.73.815.2024 - Realtek)
Revo Uninstaller 2.5.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.5.8 - VS Revo Group, Ltd.)
RyzenMasterSDK (HKLM\...\{4B4B44C4-19FF-4791-AAD4-1AE011803AE8}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 2.07 (s finální databází 178)_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Temp File Cleaner (HKLM\...\Temp File Cleaner) (Version: 4.5.0.74(master)(8d92a0e96285c09fa03691e2b7618aee84c6c2b6) - Addpcs, LLC)
TP-Link Archer TX20U Driver version 1.0.1.0 (HKLM\...\{1A231470-D2EE-4DCE-9722-CD06BA63ECD0}_is1) (Version: 1.0.1.0 - TP-Link Systems Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)

Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-11] ()
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2025-04-26] (Advanced Micro Devices Inc.)
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-10-15] (Microsoft Windows)
ChatGPT -> C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2025.258.0_x64__2p2nqsd0c76g0 [2025-10-06] (OpenAI) [Startup Task]
Local AI Manager for Microsoft 365 -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\AI [2025-11-08] ()
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2025-04-28] (Microsoft Corp.)
Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2025-11-08] ()
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.61.0_x64__kzh8wxbdkxb8p [2025-11-06] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2025-11-08] ()
WinRAR -> C:\Program Files\WinRAR [2025-05-03] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1179330921-843418109-1189897237-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\petrh\AppData\Local\Microsoft\OneDrive\25.199.1012.0002_1\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1179330921-843418109-1189897237-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\petrh\AppData\Local\Microsoft\OneDrive\25.199.1012.0002_1\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1179330921-843418109-1189897237-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [MidisrvTransferComplete] => 0

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\petrh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep – poznámky a seznamy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki

==================== Loaded Modules (Whitelisted) =============

2025-11-09 16:49 - 2025-11-09 16:49 - 002839552 _____ () [File not signed] \\?\C:\Users\petrh\AppData\Local\Temp\650bf452-542b-43e1-8d6b-33829f050baa.tmp.node
2025-11-09 16:49 - 2025-11-09 16:49 - 002908672 _____ () [File not signed] \\?\C:\Users\petrh\AppData\Local\Temp\6c1e3c70-9b69-46b3-bd73-5e1952e16cb3.tmp.node
2025-11-09 16:49 - 2025-11-09 16:49 - 000496128 _____ () [File not signed] \\?\C:\Users\petrh\AppData\Local\Temp\77915a25-8aa7-47a0-aade-2abce9716767.tmp.node
2025-11-09 16:49 - 2025-11-09 16:49 - 000375296 _____ () [File not signed] \\?\C:\Users\petrh\AppData\Local\Temp\817cda51-7add-4b68-b719-15fedc6ded59.tmp.node
2025-11-09 16:49 - 2025-11-09 16:49 - 000707584 _____ () [File not signed] \\?\C:\Users\petrh\AppData\Local\Temp\d7712983-f533-4444-a698-119758e674ee.tmp.node
2025-04-30 13:08 - 2025-02-04 13:00 - 002880000 _____ () [File not signed] C:\Program Files (x86)\Glorious Core\ffmpeg.dll
2025-04-30 13:09 - 2025-02-04 13:00 - 000480256 _____ () [File not signed] C:\Program Files (x86)\Glorious Core\libegl.dll
2025-04-30 13:09 - 2025-02-04 13:00 - 007418880 _____ () [File not signed] C:\Program Files (x86)\Glorious Core\libglesv2.dll
2025-04-30 13:09 - 2025-02-04 13:00 - 005251072 _____ () [File not signed] C:\Program Files (x86)\Glorious Core\vk_swiftshader.dll
2005-08-14 21:09 - 2005-08-14 21:09 - 000111616 _____ () [File not signed] C:\Program Files (x86)\Webteh\BSPlayer\plugins\oldskin.dll
2025-04-26 19:13 - 2013-04-05 20:26 - 002106368 _____ () [File not signed] C:\Users\petrh\AppData\Roaming\BSplayer\AC3 Filter\ac3filter.ax
2025-04-26 19:13 - 2013-04-05 20:27 - 001021440 _____ () [File not signed] C:\Users\petrh\AppData\Roaming\BSplayer\AC3 Filter\ac3filter_intl.dll
2022-06-22 11:48 - 2022-06-22 11:48 - 005401800 _____ (BST) [File not signed] C:\Program Files (x86)\Webteh\BSPlayer\bsrendv2.dll
2008-12-09 11:13 - 2008-12-09 11:13 - 000035328 _____ (BST) [File not signed] C:\Program Files (x86)\Webteh\BSPlayer\mmkeybsupp.dll
2025-04-26 19:13 - 2013-04-05 20:26 - 000276992 _____ (IntelleSoft) [File not signed] C:\Users\petrh\AppData\Roaming\BSplayer\AC3 Filter\BugTrap.dll
2025-06-03 09:46 - 2025-06-03 09:46 - 000000000 ___JL (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2025-06-03 09:46 - 2025-06-03 09:46 - 000000000 ___JL (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\petrh\Desktop\RogueKiller_setup.exe:MBAM.Zone.Identifier [370]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-11-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2024-04-01 08:26 - 2025-11-05 13:23 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 192.168.0.1
Windows Firewall is disabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Wi-Fi: TP-Link Wireless USB Adapter -> rtwlanu6.sys

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1179330921-843418109-1189897237-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\petrh\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\573341035_24938704655757820_8168644863527965124_n.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 4) (TamperProtectionSource: 2)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2E1EBB0C-A4AC-4805-A83E-EF91BBAF70C2}] => (Allow) C:\Users\petrh\AppData\Roaming\uTorrent\utorrent.exe (Zdenek Svub -> BitTorrent, Inc.)
FirewallRules: [{9C8A9815-8576-4687-BE6F-5DA214DEC5E1}] => (Allow) C:\Users\petrh\AppData\Roaming\uTorrent\utorrent.exe (Zdenek Svub -> BitTorrent, Inc.)
FirewallRules: [{E689ED48-19B9-45F2-A06C-490C6E83A2E2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3FB12737-D7FC-4BAE-9DA3-3989B3B4EC87}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AAD31603-2E0D-469A-AD3B-EF7712C488F8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{477BB065-C196-4933-A847-29DE757AB670}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{9A6EE784-49D5-4F6F-91E8-8DFB08E9E6B3}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => No File
FirewallRules: [UDP Query User{1E59A409-23A6-42BC-BC71-9BF03A45E3D1}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => No File
FirewallRules: [TCP Query User{5E52C702-9ECA-4C3B-B4EF-743BF49A8602}C:\program files (x86)\fortuna poker\data\pokerclient.exe] => (Allow) C:\program files (x86)\fortuna poker\data\pokerclient.exe (Playtech Software Limited -> Fortuna)
FirewallRules: [UDP Query User{4F6065B0-29CA-4AE6-B9B1-5DD78A3C74E2}C:\program files (x86)\fortuna poker\data\pokerclient.exe] => (Allow) C:\program files (x86)\fortuna poker\data\pokerclient.exe (Playtech Software Limited -> Fortuna)
FirewallRules: [TCP Query User{9F4999D3-51C3-49D6-9EDB-89D6A2BC5D3E}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.224.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.224.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => No File
FirewallRules: [UDP Query User{690E464C-9559-42F0-9F9F-9E2A82311C64}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.224.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.224.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => No File
FirewallRules: [TCP Query User{C30ABC3E-4D22-4A59-B07B-BC88AE5BA778}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.258.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.258.0_x64__2p2nqsd0c76g0\app\chatgpt.exe (50BDFD77-8903-4850-9FFE-6E8522F64D5B -> OpenAI)
FirewallRules: [UDP Query User{8BAD3213-6F07-4E22-8ACF-2E20B84587D7}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.258.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.258.0_x64__2p2nqsd0c76g0\app\chatgpt.exe (50BDFD77-8903-4850-9FFE-6E8522F64D5B -> OpenAI)
FirewallRules: [{8FDFA38D-0778-4FFD-B82E-72880250F119}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve Corp. -> Valve)
FirewallRules: [{1C6EBAB5-338F-4A9A-9FAE-BC0670B33103}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve Corp. -> Valve)
FirewallRules: [{2F8AA1C8-93A4-4DE7-B31D-2C47BF0CCB55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{4555F5D3-C8DC-464C-8C54-C0697E6ABC23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{70D3F6AB-26BF-4D20-B8B2-E3C4762DB9A5}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{98F0D4CB-6138-42CE-9E4A-2F15E79D9F42}] => (Allow) LPort=32683
FirewallRules: [{D0E934DD-48C3-4BB3-A2A8-38B8FA93FEAB}] => (Allow) LPort=33683
FirewallRules: [{B7F97451-84AF-4DD8-AAB7-E990DD608120}] => (Allow) LPort=26822

==================== Restore Points =========================

03-11-2025 14:51:40 Installed Sophos Virus Removal Tool.
05-11-2025 12:19:34 JRT Pre-Junkware Removal
09-11-2025 18:06:26 Windows Update
09-11-2025 18:06:30 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (11/09/2025 05:49:44 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 2.7.8.1094 programu bsplayer.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (11/09/2025 05:32:54 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 2.7.8.1094 programu bsplayer.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (11/09/2025 05:32:32 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 2.7.8.1094 programu bsplayer.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (11/09/2025 04:49:09 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\7EVEN$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 09 Nov 2025 15:49:05 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 928f9073-1587-4a50-a4db-5c190372c441

Metoda: GET(594ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (11/09/2025 04:49:08 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 09 Nov 2025 15:49:04 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 42b2aa22-9133-4920-a5bf-9794e6fbd96a

Metoda: GET(4469ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (11/09/2025 12:26:24 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (11/09/2025 12:26:21 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\7EVEN$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 08 Nov 2025 23:26:19 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 0dc4c557-b4ab-435e-bef9-819fa661dd22

Metoda: GET(515ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (11/09/2025 12:26:20 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 08 Nov 2025 23:26:18 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ae42bcae-3667-4a63-89f2-67c40ebabd60

Metoda: GET(687ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)


System errors:
=============
Error: (11/09/2025 06:09:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NTXGKQ8P7N0-MicrosoftWindows.CrossDevice.

Error: (11/09/2025 04:53:54 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Secure Boot CA/keys need to be updated. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:Micro-Star International Co., Ltd;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:A.NA;OEMModelBaseBoard:B350 PC MATE (MS-7A34);OEMManufacturerName:Micro-Star International Co., Ltd;OSArchitecture:amd64;
BucketId: 815fdd45b081f48b05b556c27f41c5183e2da351fd9564d8ae63f553726cd908
BucketConfidenceLevel:
UpdateType: 0
HResult: 0

Error: (11/09/2025 12:31:03 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Secure Boot CA/keys need to be updated. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:Micro-Star International Co., Ltd;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:A.NA;OEMModelBaseBoard:B350 PC MATE (MS-7A34);OEMManufacturerName:Micro-Star International Co., Ltd;OSArchitecture:amd64;
BucketId: 815fdd45b081f48b05b556c27f41c5183e2da351fd9564d8ae63f553726cd908
BucketConfidenceLevel:
UpdateType: 0
HResult: 0

Error: (11/08/2025 10:50:35 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Secure Boot CA/keys need to be updated. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:Micro-Star International Co., Ltd;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:A.NA;OEMModelBaseBoard:B350 PC MATE (MS-7A34);OEMManufacturerName:Micro-Star International Co., Ltd;OSArchitecture:amd64;
BucketId: 815fdd45b081f48b05b556c27f41c5183e2da351fd9564d8ae63f553726cd908
BucketConfidenceLevel:
UpdateType: 0
HResult: 0

Error: (11/07/2025 04:45:00 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Secure Boot CA/keys need to be updated. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:Micro-Star International Co., Ltd;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:A.NA;OEMModelBaseBoard:B350 PC MATE (MS-7A34);OEMManufacturerName:Micro-Star International Co., Ltd;OSArchitecture:amd64;
BucketId: 815fdd45b081f48b05b556c27f41c5183e2da351fd9564d8ae63f553726cd908
BucketConfidenceLevel:
UpdateType: 0
HResult: 0

Error: (11/07/2025 04:33:03 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Secure Boot CA/keys need to be updated. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:Micro-Star International Co., Ltd;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:A.NA;OEMModelBaseBoard:B350 PC MATE (MS-7A34);OEMManufacturerName:Micro-Star International Co., Ltd;OSArchitecture:amd64;
BucketId: 815fdd45b081f48b05b556c27f41c5183e2da351fd9564d8ae63f553726cd908
BucketConfidenceLevel:
UpdateType: 0
HResult: 0

Error: (11/07/2025 04:08:32 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Secure Boot CA/keys need to be updated. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:Micro-Star International Co., Ltd;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:A.NA;OEMModelBaseBoard:B350 PC MATE (MS-7A34);OEMManufacturerName:Micro-Star International Co., Ltd;OSArchitecture:amd64;
BucketId: 815fdd45b081f48b05b556c27f41c5183e2da351fd9564d8ae63f553726cd908
BucketConfidenceLevel:
UpdateType: 0
HResult: 0

Error: (11/07/2025 03:11:18 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Secure Boot CA/keys need to be updated. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:Micro-Star International Co., Ltd;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:A.NA;OEMModelBaseBoard:B350 PC MATE (MS-7A34);OEMManufacturerName:Micro-Star International Co., Ltd;OSArchitecture:amd64;
BucketId: 815fdd45b081f48b05b556c27f41c5183e2da351fd9564d8ae63f553726cd908
BucketConfidenceLevel:
UpdateType: 0
HResult: 0


Windows Defender:
================
Date: 2025-11-07 14:50:05
Description:
Antivirová ochrana v programu Microsoft Defender ѕсдπ ђдŝ ьέεη ŝţоφрєð вĕƒőřë ċõmрĺεţíθñ.%ή %ŧŠçāʼn ĬÐ:%ъ{9326FECE-036F-4673-AF01-56A78D430814}%ⁿ %ťŚ¢αʼn Τÿр℮:%вAntimalwarový program%ŋ %ţŠсаņ Рäřдмėŧēřş:%вRychlé prohledávání%ń %τŪšεг:%ьNT AUTHORITY\SYSTEM%ʼn %ťŚŧòρ Řêâšóп:%ъΓΡ€ čοⁿпėċŧϊóʼn яűлđòщл

Date: 2025-11-06 11:38:43
Description:
Antivirová ochrana v programu Microsoft Defender ѕсдπ ђдŝ ьέεη ŝţоφрєð вĕƒőřë ċõmрĺεţíθñ.%ή %ŧŠçāʼn ĬÐ:%ъ{3C666EA9-AFD0-48C2-BA60-D42570660120}%ⁿ %ťŚ¢αʼn Τÿр℮:%вAntimalwarový program%ŋ %ţŠсаņ Рäřдмėŧēřş:%вRychlé prohledávání%ń %τŪšεг:%ьNT AUTHORITY\SYSTEM%ʼn %ťŚŧòρ Řêâšóп:%ъΓΡ€ čοⁿпėċŧϊóʼn яűлđòщл

Date: 2025-11-06 11:30:14
Description:
Antivirová ochrana v programu Microsoft Defender ѕсдπ ђдŝ ьέεη ŝţоφрєð вĕƒőřë ċõmрĺεţíθñ.%ή %ŧŠçāʼn ĬÐ:%ъ{8E9D33E4-05F3-4388-920A-F19879957860}%ⁿ %ťŚ¢αʼn Τÿр℮:%вAntimalwarový program%ŋ %ţŠсаņ Рäřдмėŧēřş:%вRychlé prohledávání%ń %τŪšεг:%ьNT AUTHORITY\SYSTEM%ʼn %ťŚŧòρ Řêâšóп:%ъΓΡ€ čοⁿпėċŧϊóʼn яűлđòщл

Date: 2025-11-06 11:23:16
Description:
Antivirová ochrana v programu Microsoft Defender ѕсдπ ђдŝ ьέεη ŝţоφрєð вĕƒőřë ċõmрĺεţíθñ.%ή %ŧŠçāʼn ĬÐ:%ъ{EA11D7B8-30AB-4950-9551-555CDF455DFD}%ⁿ %ťŚ¢αʼn Τÿр℮:%вAntimalwarový program%ŋ %ţŠсаņ Рäřдмėŧēřş:%вRychlé prohledávání%ń %τŪšεг:%ьNT AUTHORITY\SYSTEM%ʼn %ťŚŧòρ Řêâšóп:%ъΓΡ€ čοⁿпėċŧϊóʼn яűлđòщл

Date: 2025-11-02 08:57:51
Description:
Antivirová ochrana v programu Microsoft Defender ѕсдπ ђдŝ ьέεη ŝţоφрєð вĕƒőřë ċõmрĺεţíθñ.%ή %ŧŠçāʼn ĬÐ:%ъ{6BCFB7AA-3FE2-42C5-8C4F-1AE32FA94E6F}%ⁿ %ťŚ¢αʼn Τÿр℮:%вAntimalwarový program%ŋ %ţŠсаņ Рäřдмėŧēřş:%вRychlé prohledávání%ń %τŪšεг:%ьNT AUTHORITY\SYSTEM%ʼn %ťŚŧòρ Řêâšóп:%ъŜ¢ĥзδůŀėď ѕčаň ẃªś ѕκϊφρзđ ъε¢άύśé тнė ļǻşт šџ¢čзššƒцľ śĉåή ώãŝ щīŧнĩň τћė ľάŝŧ 7 đªγś
Event[0]

Date: 2025-11-06 10:14:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.441.8.0;1.441.8.0
Verze modulu: 1.1.25100.9002

Date: 2025-11-04 10:18:11
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.439.653.0;1.439.653.0
Verze modulu: 1.1.25090.3001

CodeIntegrity:
===============
Date: 2025-11-09 16:48:46
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\System32\drivers\amsdk.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).

Date: 2025-11-09 16:48:46
Description:
The driver \Device\HarddiskVolume3\Windows\System32\drivers\amsdk.sys is blocked from loading as the driver has been revoked by Microsoft.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. A.NA 09/05/2024
Motherboard: Micro-Star International Co., Ltd B350 PC MATE (MS-7A34)
Processor: AMD Ryzen 5 1600 Six-Core Processor
Percentage of memory in use: 74%
Total physical RAM: 8117.57 MB
Available physical RAM: 2067.51 MB
Total Virtual: 17674.5 MB
Available Virtual: 3248.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.05 GB) (Free:66.81 GB) (Model: Samsung SSD 860 EVO 250GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:7452.02 GB) (Free:4254.27 GB) (Model: HGST HUS728T8TALE6L4) NTFS

\\?\Volume{d2aa146e-d6f9-4278-91b0-4a6584c24278}\ () (Fixed) (Total:0.72 GB) (Free:0.11 GB) NTFS
\\?\Volume{3488802b-ea0f-49ab-8abf-7ba9df0f02bc}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 119597FD)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 7452 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
"You don't need to say sorry, it's poker" Antonio Esfandiari
"Poker actually isn't about winning or losing, poker is about making a right decision" Doyle Brunson